My new book Bitcoin for Nonmathematicians is now available in Amazon Kindle and B&N Nook ebook formats
Finally, PCI DS Council noticed that two factor authentication could resolve a lot of security problems and prevent a lot of breaches.
Recently, I had a discussion about information security, and somebody asked me “how’s bitcoin actually related to information security?”
Here is how bitcoin is linked to information security.
First, bitcoin is an alternative payment system, which was created in order to resolve security problems of online payments, and theoretically can replace plastic cards everywhere, not just online. I hope everyone knows about security problems of payment card industry. If by any chance you don’t, read Hacking Point of Sale.
Second, bitcoin and its own security based on cryptography, which is one of the most important subjects of information security. If you want to know more about bitcoin cryptography - read Bitcoin for Nonmathematicians.
And finally, bitcoin is currently one of the main methods of payment on darknet marketplaces where bad guys sell results of bad information security: our stolen credit cards, medical records, bank accounts, etc. If you want to know more about darknet and data breaches… Well, perhaps I should start writing a book about it.
This is an interesting methodology to measure and classify security breaches.
But they go even further and in addition to index from 0 to 10 they also define a scale from 1 to 5.
This is great review of my new book about bitcoin written by Ben Rothke in RSA Conference blog.
This is excellent report on current situation with ransomware threat. While I am not encouraging everyone but security guys to read this technical paper from cover to cover, I would like to point everyone's attention to at least Chapter 6 Section 5 which is a good answer to people who still doubt if they have to have offsite backups. I hope after you read this paper you will never have a discussion about offsite backups again. By the way, this threat is relevant to any sensitive data storage from your personal Google Drive to corporate databases.
Interesting idea: malware-hunting malware. Can we use it as anti-malware?
Interesting article about the risk of keeping unneeded data.